To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face-to-face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face-to-face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat-based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by an automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.


Job #: R-00053408
Location: Washington, DC
Category: Proj and Prog Management
Schedule (FT/PT): Full Time
Travel Required: No
Shift: Day
Potential for Telework: No
Clearance: None
Referral Eligibility: Eligible
Group: Intelligence



Job Description:

The DHS CISO Supply Chain Risk Program Manager will manage the functional area’s risk and opportunity planning, analysis and reporting, including NIST-based and cybersecurity supplier due diligence and monitoring, source code analysis, CMMC, and program management office policies, and will bring knowledge of the supply chain (SC) risk elements of the FAR and DFARS. The position will lead SC policy development, support change management efforts across the component, and create training programs to ensure adoption.

The program focuses on the following continuous and iterative steps:

Frame risk – establish the context for risk-based decisions and the current state of the information system or supply chain infrastructure;

Assess risk – review and interpret criticality, threat, vulnerability, likelihood, impact, and related information;

Respond to risk once determined – select, tailor, and implement mitigation controls; and

Monitor risk on an ongoing basis, including changes to information systems or supply chain infrastructure, geo-political concerns and potential impacts, and using effective organizational communications and a feedback loop for continuous improvement;

Monitor, evaluate and interpret the evolving landscape of governance, geopolitical concerns, risk and compliance for information technology and information security.

The DHS SOC Support Service Program has a critical need for a Supply Chain Risk Manager. This is a full-time funded position based in Washington, DC.

  • Develop supplier risk assessment protocols, deploy these protocols and conduct supplier audits to assess adherence

  • Assess, manage, and report on the overall cybersecurity posture of our supply base, including the security policies, procedures, and standards each supplier follows.

  • Design, implement, and maintain controls of functional area risks

  • Understand current business procedures, problems with those current procedures, and possible solutions that use current modeling technology

  • Oversee data gathering, exploration and research into current industry trends, publishing the results to a wide technical and executive audience

  • Coordinate with internal/external teams in designing and developing new systems, processes, and procedures for supply risk management

  • Stay abreast of emerging cybersecurity trends and communicate risks to supply base

  • Stay abreast of current geopolitical risks and concerns and communicate risks to supply base and develop potential mitigation plans

  • Communicate cybersecurity risk and awareness training to supply base.

  • Identify and incorporate new regulatory and contractual requirements into our supplier management processes and related Information Security infrastructure.

Minimum Requirements Include:

  • Bachelor's Degree and 8-12 years of related experience required; Master’s degree preferred, ideally in management, supply chain management, engineering or compliance

  • Ability to obtain DHS EOD (Entry on Duty) suitability

  • Strong knowledge of supply chain fundamentals

  • Working knowledge of ISO/IEC 27001, NIST SP 800-53, NIST SP 800-171 or a similar framework

  • At least eight (8) years of prior experience working within a supply chain or supplier quality role

  • Experience performing supply chain risk assessments to identify and articulate security risks at suppliers

  • Understanding of cybersecurity controls to include access control, identification and authorization, incident response, and other preventative and detective measures.

  • Experience in working with supplier IT and information security teams to assess, measure, and improve their information security controls to meet internal standards

  • Ability to analyze data, draw reasonable conclusions and make recommendations that withstand critical examination; ability to communicate complex analysis to all levels of the organization

  • Demonstrated technical project management skills

  • Demonstrated capabilities to organize and track your own work, and the work of others

  • Demonstrated cross-functional business partnership development

  • Clear and concise communication skills, with experience presenting to senior executive levels

  • Knowledge of the Federal Acquisition Regulation (FAR), the Defense Federal Acquisition Regulation Supplement (DFARS), and other agency FAR supplements

  • Proficiency in MS Word, Excel, Project and PowerPoint

Preferred Qualifications Include:

  • Past history developing policies and procedures for compliant procurement in a services environment

  • Fundamental understanding of supplier quality management processes

  • SharePoint Administration

  • Understanding of where DoD has been with DIACAP and RMF, as well as emerging frameworks like the Cybersecurity Maturity Model Certification (CMMC) and their impact on supply chain and vendor relations.


About Leidos

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 39,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from an email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.


Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.
